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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH (S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to.become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 17 December 2007 . 
2a)|El This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) [>3 Claim(s) 1-10 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) [X] Claim(s) 1-10 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) Q Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)QAII b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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Response to Amendment 

This Office Action is in response to a communication made on December 17, 

2007. 

Claims 1-6 have been amended. 

Claims 1-10 are pending in this application. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Reiche (6092196) in view of Rode (6970904), and in further view of He (6088451). 

Regarding claims 1, 3, and 5, Reiche teaches a method for controlling user 
access to distributed resources on a data communications network (Column 8, lines 9 - 
13), the method comprising: 

receiving, by a resource server peer group, a resource request for a resource 
stored on said resource server peer group, said resource request including, at time of 
first receipt of said resource request itself from a user, a request for said resource and a 
rights key credential (Column 9, lines. 38 - 42), said rights key credential comprising: 
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at least one key to provide access to a resource on said data communications 
network (Column 9, lines 3 - 5) so that said at least one key is included in said resource 
request; and 

a resource identifier (Column 9, lines 45 - 46) included in said resource request, 
said resource identifier comprising a resource server peer group ID and' a user ID 
(Column 8, lines 65 - 66), said resource server peer group ID identifying said resource 
server peer group (Column 10, lines 50 -63), said resource server peer group 
comprising at least one server that maintains a mapping between a user ID and said at 
least one key (Column 8, line 64 - Column 9, line 6; Column 1 0, lines 39 - 49); and 

' providing said resource by said resource server peer group when said resource 
server peer group matches said at least one key (Column 9, lines 63 - 66) with an 
identifier in a set of identifiers associated with said resource (Column 10, lines 50-63) 
so that said receiving, said providing and said matching are performed on said resource 
server peer group without accessing another server outside said resource server peer 
group wherein said resource server peer group includes a plurality of resource servers 
(Column 10, lines 50-63). 

Reiche does not explicitly indicate that the user ID is a randomized user ID. 

Rode teaches a system for controlling access to system resources (Abstract) that 
includes a unique identifier for the user as taught in Reiche, but further teaches that the 
identifier can be a uniformly chosen random number (Column 2, lines 45 - 54). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Rode's teaching of choosing a random number for the 
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unique identifier in order to allow an identifier be chosen without contain any personal 
information about the user, allowing the system to keep the user anonymous. 

Reiche does not explicitly indicate the rights key credential is contained in the 
initial request from the server resource . 

He teaches an authentication system that requires user authentication before any 
resource requests are made, which includes receiving the rights key credentials before 
requests are made to the server resources. (Column 1 8, lines 35 - 41 and Column 1 9, 
lines 3-7 teaches that the credential key is created by communication to the 
authentication and Column 20, lines 29 - 33 credential server and shows that the 
credential key is then located within the user request to access resources on the 
resource server.) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use He's teaching of authenticating before allowing resource 
request system in Reiche's system to have a more scalable system which allows for 
greater system size and more diverse network elements (Column 1 2, lines 36 - 41 ). 

Regarding claims 2, 4, and 6, Reiche teaches a method for controlling user 
access to distributed resources on a data communications network (Column 8, lines 9 - 
13), the method comprising: 

receiving, by a resource server peer group, a resource request for a resource 
stored on said resource server peer group, said resource request including at time of 
receipt of said resource request itself, a request for said resource and a rights key 
credential (Column 9, lines 38 - 42), said rights key credential comprising: 
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at least one key to provide access to a resource on said data communications 
network (Column 9, lines 3 - 5) so that said at least one key is included in said resource 
request each of said at least one resource stored on a separate secure device (Figure 
1, elements 120 and 150); and 

a resource identifier included in said resource request (Column 9, lines 45 - 46), 
said resource identifier comprising a resource server peer group ID and a user ID 
(Column 8, lines 65 - 66), said resource server peer group ID identifying a resource 
server peer group (Column 10, lines 50 - 63), said resource server peer group 
comprising at least one server that maintains a mapping between a user ID and said at 
least one key (Column 10, lines 39-49); and 

providing said resource by said resource server peer group when said resource 
server peer group matches said at least one key (Column 9, lines 63 - 66) with an 
identifier in a set of identifiers associated with said resource (Column 10, lines 50 - 63) 
so that said receiving, said providing and said matching are performed on said resource 
server peer group without accessing another server outside said resource server peer 
group wherein said resource server peer group includes a plurality of resource servers 
(Column 1 0, lines 50 - 63). 

Reiche does not explicitly indicate that the user ID is a randomized user ID. 

Rode teaches a system for controlling access to system resources (Abstract) that 
includes a unique identifier for the user as taught in Reiche, but further teaches that the 
identifier can be a uniformly chosen random number (Column 2, lines 45 - 54). 
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It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Rode's teaching of choosing a random number for the 
unique identifier in order to allow an identifier be chosen without contain any personal 
information about the user, allowing the system to keep the user anonymous. 

Reiche does not explicitly indicate the rights key credential is contained in the 
initial request from the server resource . 

He teaches an authentication system that requires user authentication before any 
resource requests are made, which includes receiving the rights key credentials before 
requests are made to the server resources. (Column 1 8, lines 35 - 41. and Column 1 9, 
lines 3-7 teaches that the credential key is created by communication to the 
authentication and Column 20, lines 29 - 33 credential server and shows that the 
credential key is then located within the user request to access resources on the 
resource server.) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use He's teaching of authenticating before allowing resource 
request system in Reiche's system to have a more scalable system which allows for 
greater system size and more diverse network elements (Column 12, lines 36 - 41 ). 

Regarding claims 7 and 9, Reiche teaches the method of claims 1 and 2, 
wherein said rights key credential further comprises a nested credential referring to at 
least one credential relating to a resource delivery mechanism (Column 10, lines 50 - 
67). 
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Regarding claims 8 and 10, Reiche teaches the method of claims 7 and 9, 
wherein said providing said resource further comprises using said resource delivery 
mechanism. 

Response to Arguments 

Applicant's arguments with respect to claims 1-10 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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Any inquiry concerning this communication or earlier communications. from the 
examiner should be directed to Kevin Bates whose telephone number is (571) 272- . 
3980. The examiner can normally be reached on 9 am - 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glen Burgess can be reached on (571 ) 272-3949. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR: 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




Kevin Bates 
January 31, 2008 




